In various networks, such as telecom networks, it is desirable to control access to telecom network commands on the network by users. One solution to this need is Telecordia's Transaction Language 1 (TL-1) security standard which utilizes UPC (Usage Privilege Code)/APC (Access Privilege Code) system. In this model, users are assigned an APC with a value from between 1 and 4; telecom network commands are assigned a UPC with the same value range. A user's APC must be greater than or equal to the command's UPC for that user to be able to execute that command. This implies that a user with an APC value of 3 may be able to access telecom network commands with UPC values of between 1-3. Further, a user with an APC value of 4 may access any command on the network. The standard implementation of the UPC/APC system requires that at least one user be given an APC value of 4.
This model suffers, though, because it is inflexible. As an example, if a technician needs access to only a few telecom network commands with UPC value 4, this technician must be given an APC value of 4 which means that the technician has access to all the telecom network commands in the network. However, this is a security risk since the technician only needs access to certain telecom network commands to perform their role, in this example. Thus, the inflexibility of this system does not allow for customization, such as the creation of niche roles for users on the network.